What Is Regincd.exe And Regincd2.exe

Please do not click on the ComboFix window while it is running a scan. poste dieses Log (ueber cmd) dir /s /a "c:\APPATC*.*" > c:\find.txt & start notepad c:\find.txt ------------------------------------------------------------------------------------------------- 2. Please download the Event Viewer Tool by Vino Rossohttp://images.malwar...om/vino/VEW.exeand save it to your Desktop:2. Kopiere diese 4 Textdateien ab . (rechtsklick mit der Maus -> den Text markieren -> kopieren -> einfΓΌgen) Sie sind nach Datum geordnet. (kopiere nur die letzten 3 Monate ab) http://virus-protect.org/datfindbat.html

C:\Programme\VideoCAM Trek\wSkin.exe ... nochmal ein Report von Hijack: Logfile of HijackThis v1.99.1 Scan saved at 17:15:08, on 16.06.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe File C:\warebundle.exe deleted successfully. Pyron\Application Data\mjusbsp\cdloader2.exe" [2008-12-17 50520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdaptecDirectCD "= "c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-06-19 684032] "Share-to-Web Namespace Daemon "= "c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632] "HPDJ Taskbar Utility "= "c:\windows\System32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-07 196608] "QuickTime https://forums.techguy.org/threads/what-is-regincd-exe-and-regincd2-exe.477640/

C:\avenger\backup.zip\WAREBUNDLE.EXE-REN-200 ... Pyron failed to print on printer hp deskjet 960c. regincd.exe and regincd2.exe I'm afraid to open them just in case...

Right click on System and Clear All Events, No (we don't want to save the old log), OK. Could not process line: C:\WINDOWS\system32\sOgnb.dll Status: 0xc0000034 File C:\WINDOWS\system32\gp8ol3l31.dll not found! The file or process has been deleted. c:\docume~1\JONATH~1.PYR\LOCALS~1\Temp\tmp2.tmp c:\documents and settings\Allen Davis\Application Data\ptads.bin c:\documents and settings\Jonathan K.

The file or process has been deleted. http://clubs.dir.bg/showflat.php?Board=sisadmins&Number=1946429976&page=5&view=collapsed&sb=3&vc=1 C:\Documents and Settings\Administrator\Local Settings\temp\setup_wm.exe => Moved successfully. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-4-12 33832] =============== Created Last 30 ================ 4/18/2009 19:21 28,672 a------- c:\windows\system32\f3PSSavr.scr 4/18/2009 19:21

--d----- c:\program files\MyWebSearch 4/18/2009 19:20 --d----- c:\program files\FunWebProducts 4/18/2009 12:43 --d----- c:\docume~1\jonath~1.pyr\applic~1\McAfee 4/17/2009 Ud af det blε dukkede der en fejlmelding op hvor hun fik muligheden mellem at sende eller at undlade at sende.

You are viewing our forum as a guest. The file or process has been deleted. Found potentially unwanted program Tool-NetMon. Found potentially unwanted program Adware-Isearch.

Found the Generic Downloader.ab trojan !!! HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD6326 => Value deleted successfully. Could not process line: C:\WINDOWS\system32\gp8ol3l31.dll Status: 0xc0000034 File C:\WINDOWS\system32\enpsrv.dll deleted successfully. Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Network Monitor failed!

Yes, my password is: Forgot your password? Attempting to delete: C:\WINDOWS\system32\g6220gfoe62c0.dll C:\WINDOWS\system32\g6220gfoe62c0.dll Deleted successfully! C:\Documents and Settings\Administrator\Local Settings\temp\regincd2.exe => Moved successfully.

Most of what it finds will be harmless or even required.

Thanks! **NOTE - Allow ComboFix to update if prompted. HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB7206 => Value deleted successfully. C:\Documents and Settings\Administrator\Local Settings\temp\qv2g3krl.exe => Moved successfully. Found potentially unwanted program Adware-Isearch.

C:\Documents and Settings\Administrator\Local Settings\temp\mPlayer.dj.dll => Moved successfully. b31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Network Monitor deleted successfully. Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_NETWORK_MONITOR\0000 failed!

